Nexus Signature Chains: Creating a Digital Identity System

The Nexus Tritium update implements Signature Chains (Sigchains) that enable account-based transactions and create a unique cryptographic identity system on the blockchain. This allows a user to safely transfer and prove ownership of assets and data through advanced contracts.

Cryptographic Identity

Sigchains provide a cryptographic identity and a proof of ownership system. When a user publishes, transfers, or leases data, an event is recorded. This allows for a relationship between users and transparent chains of events to be recorded that provide the utility of managing assets and data: titles, deeds, patents, currency, records, music, copyrights, trademarks, websites, medical records etc.

Access to your Sigchain will be through a distributed login system which will generally include a username, password, and a 2FA pin code (Two-Factor Authentication). This can be comparable to logging into an online bank account without a central authority that could hack or control your information. A Sigchain identifies who you are on the blockchain without you having to disclose any personal data, such as birth name or passport number. They also remove the need for a wallet.dat for key storage that is commonly required in legacy blockchain systems.

Biometrics

As we progress into the 21st century, biometrics are becoming increasingly prevalent in our lives. Since a Sigchain is essentially a distributed login system, biometrics could be easily integrated. Though useful, it is important to note that biometrics function well only as a username, not a password. We leave our fingerprints and imprints of our face in digital media all over the world, so we wouldn’t want biometrics to be used in the way many devices use them today.

Unique Routing Identity

Locator / ID Separation Protocol (LISP) on the Network IP Address Layer decouples the endpoint identifiers (EIDs) from routing locators (RLOC’s), providing static addresses while roaming across many networks (Wi-Fi’s, Cellular, Satellite, etc.). By coupling the Sigchain with an EID, the routing identity of any node can be verified through the ledger. This prevents an endpoint from spoofing an EID, and provides the ability to discern the reputation and reliability of who one is communicating with. The result of this is the reduction of fraud, hacking, fake accounts, and identity theft for both consumers and service providers.

Signature Chain Process

A small amount of Proof-of-Work is required to create a Sigchain. The first event of every Sigchain is the creation of the Genesis transaction and the corresponding GenesisID which registers it on the Ledger Layer. A user can then create a register that represents an account, token, some other digital data or asset. The event is witnessed by a consensus of nodes that verify the cryptographic proof corresponding to the Sigchain.

The diagram below shows the transference of a patent register and the corresponding balance transfer of NXS. The transfer of the patent is conditional on the required debit or commitment of funds. If the validation script evaluates to true (REQUIRE DEBIT), then a temporal proof can be produced, allowing the corresponding OP_CREDIT and OP_CLAIM to take place.

Sigchains also provide additional resistance to both classical and theoretical quantum computing attacks. This is achieved by updating the key-pairs after every transaction and obfuscating them until they are used. They also provide a key-management authorization system.

Different forms of reputation can be established and recorded by a Sigchain and verified through the ledger. These reputations can be referenced and utilized by other distributed applications. Sigchains are also fundamental to the recording of Trust which supports the security of the 3DC (Three Dimensional Chain).